Field of the Invention
The present invention relates generally to the use of biometric technology for authentication and identification, and more particularly to non-contact based solutions for authenticating and identifying users, via computers, such as mobile devices, to selectively permit or deny access to various resources. In the present invention authentication and/or identification is performed using an image or a set of images of an individual's palm through a process involving the following key steps: (1) detecting the palm area using local classifiers; (2) extracting features from the region(s) of interest; and (3) computing the matching score against user models stored in a database, which can be augmented dynamically through a learning process.
Discussion of Related Art
Mobile devices, such as smartphones, tablets, and notebooks, have become widely adopted and used by many people on a daily basis. These devices have become more and more powerful and as developers create more and more applications and services that run on them, they become even more entrenched in our daily lives. These mobile devices not only provide a powerful computing platform in their own right but they also provide connectivity to a practically unlimited set of services, applications and data available on remote platforms which are typically accessed via a wireless link to a cell site and then backhauled to the internet backbone. In addition to accessing these remote platforms, mobile devices also have the ability to connect to other mobile devices through short and long range wireless connections.
Perhaps most importantly, the ever increasing penetration of these devices combined with the ongoing reduction in costs associated with component parts in these devices, has resulted in the devices becoming available with greater capabilities while still remaining affordable for many users. For example, as a result of the reduction in costs of component parts and the development of more powerful software, a substantial number of smartphones now include powerful cameras, which can take extraordinarily detailed photos on the order of eight megapixels or more.
One important issue that arises in the context of mobile devices and their widespread use in connection with so much functionality and their need to interact with so many different resources is the need to control access to each of these resources so that only those individuals or devices that should be authorized to access the applicable resources are actually able to do so. In the typical case, resource access is controlled through the input of text/numerical strings, such as user IDs and passwords. For example, a smartphone user may be required to enter a four digit code before he is permitted to access any functionality on the device. In addition, each local application or other resource on the device might require the user to enter one or more text/numerical strings prior to obtaining access to the resource. In this case, the correct data (user ID, password, etc.) may be stored in the memory of the device. Alternatively, for access to resources (applications, data, communication capabilities, etc.) that are located remotely from the device, the user and/or the device might be required to transmit a correct set of text/numerical strings to the remote resource which, in turn, verifies that the transmitted data matches the correct data before permitting access to the resource.
As one might imagine, for a typical smartphone user, for example, there are a number of drawbacks with the foregoing techniques for authentication and identification. For one, the need to remember user IDs and passwords for so many different applications, services, and other resources, each having their own requirements for how those IDs and passwords must be constructed, can be quite daunting and users often forget their IDs and passwords for resources that they do not access on a frequent basis. Another disadvantage is that there are security concerns with using textual/numeric strings to control access to resources. There are, for example, powerful software programs that can be used to hack these strings to gain unauthorized access to resources.
Also, the typical contact-based method of a user using his or her fingers to enter passwords and user IDs on the smartphone screen lends itself to security risks. Experienced hackers are often able to “lift” the fingerprint pattern from the screen based on the oil residue left by the finger to gain unauthorized access. This is particularly true in the context of entering a short numerical string such as a four digit number to unlock the device. Once the device is unlocked, many of the resources on the device might not even be secured leading to serious security risks.
One solution that has been targeted to eliminate or reduce the drawbacks discussed above involves the use of biometric technology to control access to resources available via mobile devices. While these solutions have, in some cases, eliminated some of the drawbacks discussed above, they still suffer from a number of disadvantages. For example, some contact-based solutions call for a user to place his or her finger on the device sensor, which has the ability to capture the user's fingerprint, which is then matched against local or remotely located fingerprint data to determine if there is a match sufficient to allow the user or the device to access one or more resources. In this case, as referenced above, a fingerprint can be lifted from the device sensor by a hacker and used to gain unauthorized access to one or more resources at a later time utilizing that appropriated fingerprint. These solutions also typically suffer from the drawback that the time to perform the processing necessary to determine if the fingerprint is a match can be unacceptable in the context of a busy user trying to gain access to many different resources on the device during the course of a typical day.
There are additional health issues associated with contact-based methods involving transmittal of germs, viruses, or other biological hazards, particularly in the case of shared devices between users. As is known in the art, an individual's fingertips, and an individual's hands more generally, are often one of the primary mediums for transferring germs, viruses, or other biological hazards between people. In the case of individual devices being shared amongst multiple people, contact-based methods of authentication and identification in which a user types an identifying string with his or her fingertips, or authenticates or identifies himself or herself through contact-based biometric methods, such as fingerprint or palm print recognition, among others, create risk of transferring said biological hazards via the shared contact medium.